fi

# this will link libpq against libldap_r

if test "$with_ldap" = yes ; then

if test "$PORTNAME" != "win32"; then

echo "$as_me:$LINENO: checking for ldap_simple_bind in -lldap_r" >&5

echo $ECHO_N "checking for ldap_simple_bind in -lldap_r... $ECHO_C" >&6

if test "${ac_cv_lib_ldap_r_ldap_simple_bind+set}" = set; then

echo $ECHO_N "(cached) $ECHO_C" >&6

else

ac_check_lib_save_LIBS=$LIBS

LIBS="-lldap_r $LIBS"

cat >conftest.$ac_ext <<_ACEOF

/* confdefs.h. */

_ACEOF

cat confdefs.h >>conftest.$ac_ext

cat >>conftest.$ac_ext <<_ACEOF

/* end confdefs.h. */

/* Override any gcc2 internal prototype to avoid an error. */

#ifdef __cplusplus

extern "C"

#endif

/* We use char because int might match the return type of a gcc2

builtin and then its argument prototype would still apply. */

char ldap_simple_bind ();

int

main ()

{

ldap_simple_bind ();

;

return 0;

}

_ACEOF

rm -f conftest.$ac_objext conftest$ac_exeext

if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5

(eval $ac_link) 2>conftest.er1

ac_status=$?

grep -v '^ *+' conftest.er1 >conftest.err

rm -f conftest.er1

cat conftest.err >&5

echo "$as_me:$LINENO: \$? = $ac_status" >&5

(exit $ac_status); } &&

{ ac_try='test -z "$ac_c_werror_flag"

|| test ! -s conftest.err'

{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

(eval $ac_try) 2>&5

ac_status=$?

echo "$as_me:$LINENO: \$? = $ac_status" >&5

(exit $ac_status); }; } &&

{ ac_try='test -s conftest$ac_exeext'

{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

(eval $ac_try) 2>&5

ac_status=$?

echo "$as_me:$LINENO: \$? = $ac_status" >&5

(exit $ac_status); }; }; then

ac_cv_lib_ldap_r_ldap_simple_bind=yes

else

echo "$as_me: failed program was:" >&5

sed 's/^/| /' conftest.$ac_ext >&5

ac_cv_lib_ldap_r_ldap_simple_bind=no

fi

rm -f conftest.err conftest.$ac_objext \

conftest$ac_exeext conftest.$ac_ext

LIBS=$ac_check_lib_save_LIBS

fi

echo "$as_me:$LINENO: result: $ac_cv_lib_ldap_r_ldap_simple_bind" >&5

echo "${ECHO_T}$ac_cv_lib_ldap_r_ldap_simple_bind" >&6

if test $ac_cv_lib_ldap_r_ldap_simple_bind = yes; then

cat >>confdefs.h <<_ACEOF

#define HAVE_LIBLDAP_R 1

_ACEOF

LIBS="-lldap_r $LIBS"

else

{ { echo "$as_me:$LINENO: error: library 'ldap_r' is required for LDAP" >&5

echo "$as_me: error: library 'ldap_r' is required for LDAP" >&2;}

{ (exit 1); exit 1; }; }

fi

PTHREAD_LIBS="$PTHREAD_LIBS -lldap_r"

fi

fi

CFLAGS="$_CFLAGS"

LIBS="$_LIBS"

dnl Process this file with autoconf to produce a configure script.

dnl $PostgreSQL: pgsql/configure.in,v 1.469 2006/07/24 16:32:44 petere Exp $

dnl $PostgreSQL: pgsql/configure.in,v 1.470 2006/07/27 13:20:24 momjian Exp $

dnl

dnl Developers, please strive to achieve this order:

dnl

PGAC_FUNC_GETPWUID_R_5ARG

PGAC_FUNC_STRERROR_R_INT

# this will link libpq against libldap_r

if test "$with_ldap" = yes ; then

if test "$PORTNAME" != "win32"; then

AC_CHECK_LIB(ldap_r, ldap_simple_bind, [], [AC_MSG_ERROR([library 'ldap_r' is required for LDAP])])

PTHREAD_LIBS="$PTHREAD_LIBS -lldap_r"

fi

fi

CFLAGS="$_CFLAGS"

LIBS="$_LIBS"

<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.213 2006/07/04 13:22:15 momjian Exp $ -->

<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.214 2006/07/27 13:20:24 momjian Exp $ -->

<chapter id="libpq">

<title><application>libpq</application> - C Library</title>

</sect1>

<sect1 id="libpq-ldap">

<title>LDAP Lookup of Connection Parameters</title>

<indexterm zone="libpq-ldap">

<primary>LDAP connection parameter lookup</primary>

</indexterm>

<para>

If <application>libpq</application> has been compiled with LDAP support (option

<literal><option>--with-ldap</option></literal> for <command>configure</command>)

it is possible to retrieve connection options like <literal>host</literal>

or <literal>dbname</literal> via LDAP from a central server.

The advantage is that if the connection parameters for a database change,

the connection information doesn't have to be updated on all client machines.

</para>

<para>

LDAP connection parameter lookup uses the connection service file

<filename>pg_service.conf</filename> (see <xref linkend="libpq-pgservice">).

A line in a <filename>pg_service.conf</filename> stanza that starts with

<literal>ldap://</literal> will be recognized as an LDAP URL and an LDAP

query will be performed. The result must be a list of <literal>keyword =

value</literal> pairs which will be used to set connection options.

The URL must conform to RFC 1959 and be of the form

<synopsis>

ldap://[<replaceable>hostname</replaceable>[:<replaceable>port</replaceable>]]/<replaceable>search_base</replaceable>?<replaceable>attribute</replaceable>?<replaceable>search_scope</replaceable>?<replaceable>filter</replaceable>

</synopsis>

where <replaceable>hostname</replaceable>

defaults to <literal>localhost</literal> and

<replaceable>port</replaceable> defaults to 389.

</para>

<para>

Processing of <filename>pg_service.conf</filename> is terminated after

a successful LDAP lookup, but is continued if the LDAP server cannot be

contacted. This is to provide a fallback with

further LDAP URL lines that point to different LDAP

servers, classical <literal>keyword = value</literal> pairs, or

default connection options.

If you would rather get an error message in this case, add a

syntactically incorrect line after the LDAP URL.

</para>

<para>

A sample LDAP entry that has been created with the LDIF file

<synopsis>

version:1

dn:cn=mydatabase,dc=mycompany,dc=com

changetype:add

objectclass:top

objectclass:groupOfUniqueNames

cn:mydatabase

uniqueMember:host=dbserver.mycompany.com

uniqueMember:port=5439

uniqueMember:dbname=mydb

uniqueMember:user=mydb_user

uniqueMember:sslmode=require

</synopsis>

might be queried with the following LDAP URL:

<synopsis>

ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?one?(cn=mydatabase)

</synopsis>

</para>

</sect1>

<sect1 id="libpq-ssl">

<title>SSL Support</title>

SHLIB_LINK +=$(filter -lcrypt -ldes -lcom_err -lcrypto -lk5crypto -lkrb5 -lssl -lsocket -lnsl -lresolv -lintl$(PTHREAD_LIBS),$(LIBS))

ifeq ($(PORTNAME), win32)

SHLIB_LINK += -lshfolder -lwsock32 -lws2_32$(filter -leay32 -lssleay32 -lcomerr32 -lkrb5_32,$(LIBS))

SHLIB_LINK += -lshfolder -lwsock32 -lws2_32$(filter -leay32 -lssleay32 -lcomerr32 -lkrb5_32 -lwldap32,$(LIBS))